A journalist in Pennsylvania was targeted by phishing attacks that involved thread hijacking, according to Brian Krebs at KrebsOnSecurity.
The journalist for LancasterOnline, Brett Sholtis, had written a story last year about a wealthy businessman named Adam Kidan who pleaded guilty to fraud in 2005. Several months after the story was published, Sholtis received two emails from Kidan’s email account.
“One of the messages appeared to be a lengthy conversation between Kidan and a colleague, with the subject line, ‘Re: Successfully sent data,’” Krebs writes. “The second missive was a more brief email from Kidan with the subject, ‘Acknowledge New Work Order,’ and a message that read simply, ‘Please find the attached.’”
The emails contained attachments that would launch phishing pages designed to steal Microsoft Office 365 credentials.
“Sholtis said he clicked the attachment in one of the messages, which then launched a web page that looked exactly like a Microsoft Office 365 login page,” Krebs writes. “An analysis of the webpage reveals it would check any submitted credentials at the real Microsoft website, and return an error if the user entered bogus account information. A successful login would record the submitted credentials and forward the victim to the real Microsoft website.”
Fortunately, Sholtis recognized that the emails were suspicious, and didn’t fall for the attack. The emails grabbed his attention, however, since they came from a presumably compromised account belonging to Kidan.
“The best advice to sidestep phishing scams is to avoid clicking on links or attachments that arrive unbidden in emails, text messages, and other mediums,” Krebs writes. “If you’re unsure whether the message is legitimate, take a deep breath and visit the site or service in question manually — ideally, using a browser bookmark so as to avoid potential typosquatting sites.”
KnowBe4 empowers your workforce to make smarter security decisions every day. Over 65,000 organizations worldwide trust the KnowBe4 platform to strengthen their security culture and reduce human risk.
KrebsOnSecurity has the story.
Here's how it works:
